test(auth): fix tests and test sync evaluate_one

bento-platform · Oct 19, 2023 · 0bad99a · 0bad99a
1 parent 26d2b03
commit 0bad99a
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 9 deletions.
diff --git a/tests/test_platform_django.py b/tests/test_platform_django.py
@@ -33,7 +33,7 @@ def test_django_auth(
     responses.add(
         responses.POST,
         "https://bento-auth.local/policy/evaluate",
-        json={"result": authz_res},
+        json={"result": [[authz_res]]},
         status=authz_code,
     )
     r: JsonResponse = client.post(

diff --git a/tests/test_platform_fastapi.py b/tests/test_platform_fastapi.py
@@ -248,20 +248,20 @@ def test_fastapi_auth(
     aioresponse: aioresponses,
     fastapi_client_auth: TestClient,
 ):
-    aioresponse.post("https://bento-auth.local/policy/evaluate", status=authz_code, payload={"result": authz_res})
+    aioresponse.post("https://bento-auth.local/policy/evaluate", status=authz_code, payload={"result": [[authz_res]]})
     r = fastapi_client_auth.post(
         test_url, headers=(TEST_AUTHZ_HEADERS if inc_headers else {}), json=TEST_AUTHZ_VALID_POST_BODY)
     assert r.status_code == test_code
 
 
 def test_fastapi_auth_invalid_body(aioresponse: aioresponses, fastapi_client_auth: TestClient):
-    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True})
+    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]})
     r = fastapi_client_auth.post("/post-private", headers=TEST_AUTHZ_HEADERS, json={"test1": "a"})
     assert r.status_code == 400
 
 
 def test_fastapi_auth_500(aioresponse: aioresponses, fastapi_client_auth: TestClient):
-    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True})
+    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]})
     r = fastapi_client_auth.get("/get-500", headers=TEST_AUTHZ_HEADERS)
     assert r.status_code == 500
 
@@ -282,7 +282,7 @@ def test_fastapi_auth_options_call(aioresponse: aioresponses, fastapi_client_aut
 
 
 def test_fastapi_auth_post_with_token_in_body(aioresponse: aioresponses, fastapi_client_auth: TestClient):
-    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True})
+    aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]})
     r = fastapi_client_auth.post("/post-with-token-in-body", json={"token": "test", "payload": "hello world"})
     assert r.status_code == 200
     assert r.text == '{"payload":"hello world"}'

diff --git a/tests/test_platform_flask.py b/tests/test_platform_flask.py
@@ -114,6 +114,19 @@ def auth_post_with_token_in_body():
         )
         return jsonify({"payload": payload})
 
+    @test_app_auth.route("/post-with-token-evaluate-one", methods=["POST"])
+    def auth_post_with_token_evaluate_one():
+        token = request.json["token"]
+
+        auth_middleware.mark_authz_done(request)
+        return jsonify({"payload": auth_middleware.evaluate_one(
+            request,
+            PERMISSION_INGEST_DATA,
+            RESOURCE_EVERYTHING,
+            require_token=True,
+            headers_getter=(lambda _r: {"Authorization": f"Bearer {token}"}),
+        )})
+
     with test_app_auth.test_client() as client:
         yield client
 
@@ -207,7 +220,7 @@ def test_flask_auth(
     responses.add(
         responses.POST,
         "https://bento-auth.local/policy/evaluate",
-        json={"result": authz_res},
+        json={"result": [[authz_res]]},
         status=authz_code,
     )
     r = flask_client_auth.post(
@@ -217,26 +230,34 @@ def test_flask_auth(
 
 @responses.activate
 def test_flask_auth_500(flask_client_auth: FlaskClient):
-    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200)
+    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200)
     r = flask_client_auth.get("/get-500", headers=TEST_AUTHZ_HEADERS)
     assert r.status_code == 500
 
 
 @responses.activate
 def test_flask_auth_404(flask_client_auth: FlaskClient):
-    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200)
+    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200)
     r = flask_client_auth.get("/get-404", headers=TEST_AUTHZ_HEADERS)
     assert r.status_code == 404
 
 
 @responses.activate
 def test_flask_auth_post_with_token_in_body(flask_client_auth: FlaskClient):
-    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200)
+    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200)
     r = flask_client_auth.post("/post-with-token-in-body", json={"token": "test", "payload": "hello world"})
     assert r.status_code == 200
     assert r.text == '{"payload":"hello world"}\n'
 
 
+@responses.activate
+def test_flask_auth_post_with_token_evaluate_one(flask_client_auth: FlaskClient):
+    responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200)
+    r = flask_client_auth.post("/post-with-token-evaluate-one", json={"token": "test"})
+    assert r.status_code == 200
+    assert r.text == '{"payload":true}\n'
+
+
 @responses.activate
 def test_flask_auth_disabled(flask_client_auth_disabled_with_middleware: tuple[FlaskClient, FlaskAuthMiddleware]):
     flask_client_auth_disabled, auth_middleware_disabled = flask_client_auth_disabled_with_middleware